syslog2iptables: src/syslogconfig.h annotate

annotate src/syslogconfig.h @ 3:8fe310e5cd44

initial coding

author	carl
date	Sun, 27 Nov 2005 21:12:01 -0800
parents	6e88da080f08
children	2737ab01659a

rev	line source
1 551433a01cab initial coding carl parents: diff changeset	1 /***************************************************************************
551433a01cab initial coding carl parents: diff changeset	2 * Copyright (C) 2005 by 510 Software Group *
551433a01cab initial coding carl parents: diff changeset	3 * *
551433a01cab initial coding carl parents: diff changeset	4 * *
551433a01cab initial coding carl parents: diff changeset	5 * This program is free software; you can redistribute it and/or modify *
551433a01cab initial coding carl parents: diff changeset	6 * it under the terms of the GNU General Public License as published by *
551433a01cab initial coding carl parents: diff changeset	7 * the Free Software Foundation; either version 2 of the License, or *
551433a01cab initial coding carl parents: diff changeset	8 * (at your option) any later version. *
551433a01cab initial coding carl parents: diff changeset	9 * *
551433a01cab initial coding carl parents: diff changeset	10 * This program is distributed in the hope that it will be useful, *
551433a01cab initial coding carl parents: diff changeset	11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
551433a01cab initial coding carl parents: diff changeset	12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
551433a01cab initial coding carl parents: diff changeset	13 * GNU General Public License for more details. *
551433a01cab initial coding carl parents: diff changeset	14 * *
551433a01cab initial coding carl parents: diff changeset	15 * You should have received a copy of the GNU General Public License *
551433a01cab initial coding carl parents: diff changeset	16 * along with this program; if not, write to the *
551433a01cab initial coding carl parents: diff changeset	17 * Free Software Foundation, Inc., *
551433a01cab initial coding carl parents: diff changeset	18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
551433a01cab initial coding carl parents: diff changeset	19 ***************************************************************************/
551433a01cab initial coding carl parents: diff changeset	20
551433a01cab initial coding carl parents: diff changeset	21 #ifndef syslogconfig_include
551433a01cab initial coding carl parents: diff changeset	22 #define syslogconfig_include
551433a01cab initial coding carl parents: diff changeset	23
551433a01cab initial coding carl parents: diff changeset	24 #include "tokenizer.h"
551433a01cab initial coding carl parents: diff changeset	25 #include <map>
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	26 #include <regex.h>
1 551433a01cab initial coding carl parents: diff changeset	27
551433a01cab initial coding carl parents: diff changeset	28
551433a01cab initial coding carl parents: diff changeset	29 class SYSLOGCONFIG;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	30 class CONFIG;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	31
8fe310e5cd44 initial coding carl parents: 2 diff changeset	32 struct IPPAIR {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	33 int first;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	34 int last;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	35 int cidr;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	36 };
8fe310e5cd44 initial coding carl parents: 2 diff changeset	37
8fe310e5cd44 initial coding carl parents: 2 diff changeset	38 class PATTERN {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	39 char * pattern; // owned by the string table
8fe310e5cd44 initial coding carl parents: 2 diff changeset	40 regex_t re;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	41 int index; // zero based substring of the regex match that contains the ip address or hostname
8fe310e5cd44 initial coding carl parents: 2 diff changeset	42 int bucket; // count to add to the ip address leaky bucket
8fe310e5cd44 initial coding carl parents: 2 diff changeset	43 public:
8fe310e5cd44 initial coding carl parents: 2 diff changeset	44 ~PATTERN();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	45 PATTERN(TOKEN &tok, char *pattern_, int index_, int bucket_);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	46 bool process(char *buf, CONFIG &con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	47 void dump(int level);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	48 };
1 551433a01cab initial coding carl parents: diff changeset	49
551433a01cab initial coding carl parents: diff changeset	50 typedef SYSLOGCONFIG * SYSLOGCONFIGP;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	51 typedef PATTERN * PATTERNP;
1 551433a01cab initial coding carl parents: diff changeset	52 typedef list<SYSLOGCONFIGP> syslogconfig_list;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	53 typedef list<IPPAIR> ippair_list;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	54 typedef list<PATTERNP> pattern_list;
2 6e88da080f08 initial coding carl parents: 1 diff changeset	55 const int buflen = 1024;
1 551433a01cab initial coding carl parents: diff changeset	56
551433a01cab initial coding carl parents: diff changeset	57 class SYSLOGCONFIG {
551433a01cab initial coding carl parents: diff changeset	58 char * file_name; // name of the syslog file
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	59 pattern_list patterns; // owns the patterns
2 6e88da080f08 initial coding carl parents: 1 diff changeset	60 int fd;
6e88da080f08 initial coding carl parents: 1 diff changeset	61 int len; // bytes in the buffer
6e88da080f08 initial coding carl parents: 1 diff changeset	62 char buf[buflen];
1 551433a01cab initial coding carl parents: diff changeset	63 public:
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	64 SYSLOGCONFIG(TOKEN &tok, char *file_name_);
1 551433a01cab initial coding carl parents: diff changeset	65 ~SYSLOGCONFIG();
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	66 void add_pattern(PATTERNP pat);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	67 bool failed() { return (fd == -1); };
8fe310e5cd44 initial coding carl parents: 2 diff changeset	68 bool read(CONFIG &con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	69 void process(CONFIG &con);
1 551433a01cab initial coding carl parents: diff changeset	70 void dump(int level);
551433a01cab initial coding carl parents: diff changeset	71 };
551433a01cab initial coding carl parents: diff changeset	72
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	73 class CONFIG {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	74 public:
1 551433a01cab initial coding carl parents: diff changeset	75 // the only mutable stuff once it has been loaded from the config file
551433a01cab initial coding carl parents: diff changeset	76 int reference_count; // protected by the global config_mutex
551433a01cab initial coding carl parents: diff changeset	77 // all the rest is constant after loading from the config file
551433a01cab initial coding carl parents: diff changeset	78 int generation;
551433a01cab initial coding carl parents: diff changeset	79 time_t load_time;
551433a01cab initial coding carl parents: diff changeset	80 string_set config_files;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	81 int threshold;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	82 ippair_list ignore; // owns all the ippairs
8fe310e5cd44 initial coding carl parents: 2 diff changeset	83 syslogconfig_list syslogconfigs; // owns all the syslogconfigs
1 551433a01cab initial coding carl parents: diff changeset	84
551433a01cab initial coding carl parents: diff changeset	85 CONFIG();
551433a01cab initial coding carl parents: diff changeset	86 ~CONFIG();
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	87 void set_threshold(int threshold_) { threshold = threshold_; };
8fe310e5cd44 initial coding carl parents: 2 diff changeset	88 int get_threshold() { return threshold; };
2 6e88da080f08 initial coding carl parents: 1 diff changeset	89 void add_syslogconfig(SYSLOGCONFIGP con);
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	90 void add_pair(IPPAIR pair);
2 6e88da080f08 initial coding carl parents: 1 diff changeset	91 void dump();
6e88da080f08 initial coding carl parents: 1 diff changeset	92 void read();
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	93 void sleep(int duration);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	94 bool looking(int ip);
1 551433a01cab initial coding carl parents: diff changeset	95 };
551433a01cab initial coding carl parents: diff changeset	96
551433a01cab initial coding carl parents: diff changeset	97 void discard(string_set &s);
551433a01cab initial coding carl parents: diff changeset	98 char* register_string(string_set &s, char *name);
551433a01cab initial coding carl parents: diff changeset	99 char* register_string(char *name);
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	100 int ip_address(char *have);
1 551433a01cab initial coding carl parents: diff changeset	101 bool load_conf(CONFIG &dc, char *fn);
551433a01cab initial coding carl parents: diff changeset	102 void token_init();
551433a01cab initial coding carl parents: diff changeset	103
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	104 extern char *token_bucket;
1 551433a01cab initial coding carl parents: diff changeset	105 extern char *token_file;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	106 extern char *token_ignore;
1 551433a01cab initial coding carl parents: diff changeset	107 extern char *token_include;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	108 extern char *token_index;
1 551433a01cab initial coding carl parents: diff changeset	109 extern char *token_lbrace;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	110 extern char *token_pattern;
1 551433a01cab initial coding carl parents: diff changeset	111 extern char *token_rbrace;
551433a01cab initial coding carl parents: diff changeset	112 extern char *token_semi;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	113 extern char *token_slash;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	114 extern char *token_threshold;
1 551433a01cab initial coding carl parents: diff changeset	115
551433a01cab initial coding carl parents: diff changeset	116 #endif

Mercurial > syslog2iptables

annotate src/syslogconfig.h @ 3:8fe310e5cd44